15946 matches found
Massive Spam Campaign Targets Unpatched Systems
Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers. According to cybersecurity firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word documen...
CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016
A family of Android malware was so successful that at its peak, over the course of two months last year, it infected 14 million devices and rooted more than half of them, roughly eight million devices. Researchers said early Tuesday the strain of malware, dubbed CopyCat, helped its authors earn...
Ubuntu Update Includes OpenSSL Fixes
Ubuntu users are being urged to update their operating systems to address a handful of recently patched OpenSSL vulnerabilities which affect Ubuntu and its derivatives. Developers with Canonical, the company that oversees the Linux distribution, announced the updates on Tuesday, encouraging users...
Apple Patches Critical Kernel Vulnerabilities
Apple today released new versions of iOS and macOS Sierra and addressed some overlapping code execution vulnerabilities in both its mobile and desktop operating systems. The updates were part of a bigger release of security updates from Apple that also included Safari, iCloud for Windows, and...
Serious TCP Bug in Linux Systems Allows Traffic Hijacking
A serious vulnerability in the TCP implementation in Linux systems deployed since 2012 version 3.6 of the Linux kernel can be used by attackers to identify hosts communicating over the protocol and ultimately attack that traffic. Researchers from the University of California, Riverside and the U....
3.2 Million Servers Vulnerable to JBoss Attack
Cisco Talos said on Friday that 3.2 million servers are vulnerable to the JBoss flaw used as the initial point of compromise in the recent SamSam ransomware attacks. Worse, researchers said that thousands of servers have already been backdoored. Hardest hit have been K-12 schools running library...
PowerWare Ransomware Uses PowerShell for Fileless Infections
Attackers are not through testing the limits of what they can do with new features in ransomware samples. That latest found in the wild is called PowerWare and it was discovered a week ago targeting a company in the healthcare industry, researchers at Carbon Black told Threatpost. What sets...
AirDroid Patches Vulnerability Exposing Android Data
A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched. AirDroid, an app that allows you link an Android device to a computer and send SMS messages, run apps and add contacts via a Wi-Fi connected web browser, released the patch Jan...
Oracle Patches Java Zero Day
Oracle has released its quarterly patch update, which includes fixes for nearly 200 vulnerabilities. The most notable bug fixed in this release is the Java zero day that’s been used in an ongoing attack campaign. The massive release from Oracle has patches for a long list of products, but the Jav...
January 2015 Oracle Critical Patch update
Oracle’s first Critical Patch Update of the year arrived Tuesday with its usual volume, and some disturbing fanfare. Oracle admins today are staring at 169 patches on their collective plates across the company’s product line. One of the more pressing fixes is for a an issue in the Oracle E-Busine...
PHP Patches Buffer Overflow Vulnerabilities
UPDATE Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities, including one that can lead to a heap-based buffer overflow. Researchers at the Swiss firm High-Tech Bridge dug up the vulnerabilities in versions 5.6.1, 5.5.17, and 5.4.33 of the framework. The...
Microsoft Expands TLS, Forward Secrecy Support
Microsoft is no exception when it comes to large technology providers committing to encrypting the services its users depend on. Today, the company announced an update on the progress it has made in engineering those changes, including the news that Outlook.com, its web-based email service,...
New Internet Explorer Zero Day Used in Targeted Attacks
There’s a new zero-day vulnerability in many of the current versions of Internet Explorer and is being used in active attacks right now. The exploit that’s in use has the ability to bypass both DEP and ASLR and researchers say it’s being used by a known APT group. Microsoft has issued an advisory...
BlackBerry Warns of Z10, PlayBook Security Vulnerabilities
BlackBerry’s security incident response team has issued two advisories warning Z10 smartphone and PlayBook tablet users to upgrade to the latest version of the operating system and software on both platforms. The patches address a remote code-execution vulnerability in the Adobe Flash Player...
USAID a Target of DoL Watering Hole Attackers
One of the nine sites serving malware tied to the recent watering hole attack on the U.S. Department of Labor was located in Cambodia and has ties to the United States Agency for International Development USAID. Speculation has it that the DoL attack was targeting downstream employees at the...
Nitol Infections Fall, But Malware Still Popping Up
When Microsoft went after the Nitol botnet in September, one of the key details in the investigation was the fact that much of the botnet was built by pre-loading malware onto laptops during the manufacturing process in China. This was the clearest case yet of the phenomenon of certified pre-owne...
Mozilla to Fix Libpng Bug in Firefox and Thunderbird
Mozilla is preparing to release a fix for a serious vulnerability in both Firefox and Thunderbird that could result in remote code execution. The update comes just a few days after the company released version 10.0.1 of Firefox, fixing a separate security bug. The new update for Firefox and...
Microsoft Warns of New IE Code Execution Flaw
Microsoft’s security response team is investigating reports of a potentially dangerous code execution vulnerability in its flagship Internet Explorer browser. The company warned that an attacker could host a maliciously crafted web page and run arbitrary code if they could convince a user to visi...
MS Patch Tuesday: 13 Bulletins, 26 Vulnerabilities
Microsoft today released 13 security bulletins with fixes for 26 vulnerabilities affecting Windows and Office users and warned customers to pay special attention to a slew of flaws that can be trivially exploited by malware miscreants. The company urged customers to prioritize and deploy four...
Microsoft Ships Temporary Fix-It for Critical Vista Flaw
With exploit code in circulation and facing a race against time to fix the SMB v2 vulnerability haunting Windows Vista and Windows Server 2008, Microsoft today shipped a one-click “fix-it” workaround to help users avoid malicious hacker attacks. The fix-it package, which was added to Redmond’s...
Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands
The bloom is back on phishing attacks with criminals doubling down on fake messages abusing popular brands compared to the year prior. Microsoft, Facebook and French bank Crédit Agricole are the top abused brands in attacks, according to study on phishing released Tuesday. The study by Vade...
State-Sponsored Phishing Attack Targeted Israeli Military Officials
An advanced persistent threat group, with ties to Iran, is believed behind a phishing campaign targeting high-profile government and military Israeli personnel, according to a report by Check Point Software. Targets of the campaign included a senior leadership in the Israeli defense industry, the...
High-Severity Intel Processor Bug Exposes Encryption Keys
A security vulnerability in Intel chips opens the door for encrypted file access and espionage, plus the ability to bypass copyright protection for digital content. That’s according to Positive Technologies PT, which found that the vulnerability CVE-2021-0146 is a debugging functionality with...
Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin
When Colorado resident Andrew Schober downloaded the Electrum Atom Bitcoin wallet from Reddit, he also picked up a piece of clipboard hijacking malware that eventually redirected his 16.4552 Bitcoin to a wallet controlled by two teenagers living in the U.K. At today’s price, 16.4552 Bitcoin would...
Bogus Cryptomining Apps Infest Google Play
Google has removed eight deceptive mobile apps from the Play Store that masquerade as cryptocurrency cloud-mining applications but which really exist to lure users into expensive subscription services and other fraudulent activity. They may have been removed, but researchers at Trend Micro noted...
‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars
An Iran-linked advanced persistent threat APT group has taken a scholarly bent with its latest phishing campaign, which involves lengthy chats with professors, think tank higher-ups and journalists focused on Middle Eastern affairs. The threat actor is Charming Kitten – aka a number of names,...
Peloton Bike+ Bug Gives Hackers Complete Control
The popular Peloton Bike+ and Peloton Tread exercise equipment contain a security vulnerability that could expose gym users to a wide variety of cyberattacks, from credential theft to surreptitious video recordings. According to research from McAfee’s Advanced Threat Research ATR team, the bug no...
REvil Ransomware Gang Spill Details on US Attacks
Cybercriminals behind the JBS Foods ransomware attack claim they had no intent to target United States-based firms. The group, identified as the Sodinokibi REvil ransomware gang, also said it was not afraid of being labeled a cyber-terrorist group. A spokesperson for REvil shared its positions in...
Banking Attacks Surge Along with Post-COVID Economy
For many, COVID-19 has been a crushing catastrophe. But for bank scammers, it’s shaped up to be a nice little money-making opportunity. As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank frau...
Nobelium Phishing Campaign Poses as USAID
The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities. Microsoft Threat Intelligence Center MSTIC...
Pipeline Update: Biden Executive Order, DarkSide Detailed and Gas Bags
Colonial Pipeline Co. may have turned off the tap following Friday’s ransomware attack, but the news about the devastating assault keeps gushing. In the wake of the DarkSide cyberattack, President Biden signed an executive order Wednesday aimed at bolstering the federal government’s cyber defense...
Spotlight on Cybercriminal Supply Chains
An examination of cybercrime ecosystems reveals it mirrors legitimate financial organization and market systems. “Cybercriminals need to move money and pay employees in their organization just like any other company,” said Derek Manky Chief Security Insights & Global Threat Alliances at Fortinet’...
Chinese Hackers Selling Intimate Stolen Camera Footage
Stolen videos captured by tens of thousands of security cameras at private properties throughout China are now for sale across social media, marketed as sex tapes. That’s according to the South China Morning Post, which reported that the cost of each “tape” varies, depending on how salacious the...
SolarWinds Attackers Accessed DHS Emails, Report
The SolarWinds cyberattackers compromised the head of the Department of Homeland Security DHS under former president Trump and other top-ranking members of the department’s cybersecurity staff, according to a report. In the campaign, adversaries were able to use SolarWinds’ Orion network manageme...
Cyberattacks See Fundamental Changes, A Year into COVID-19
COVID-19-related phishing emails, brute-force attacks on remote workers, and a focus on exploiting or abusing collaboration platforms are the hallmarks of cybercriminal enterprise as the coronavirus marks its first anniversary of going global. A year after the COVID-19 crisis was officially...
The time for Insider Risk Management is now: Code42 2021 Data Exposure Report Reveals a Perfect Storm
We all knew the overnight shift to remote work and cloud-based productivity and collaboration would dramatically change the Insider Risk landscape. But now, with nearly a year of data to look at, the Code42 2021 Data Exposure Report DER shows that the impact is pretty staggering: Employees are 85...
Second SolarWinds Attack Group Breaks into USDA Payroll — Report
There had been hints that a second group of malicious actors may have exploited a SolarWinds bug to install the Supernova backdoor — notably, there was a conclusion by Microsoft back in December that this was the case. Now, sources told Reuters that there’s indeed evidence that a separate advance...
WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites
Developers of a plugin, used by WordPress websites for building pop-up ads for newsletter subscriptions, have issued a patch for a serious flaw. The vulnerability could be exploited by attackers to send out newsletters with custom content, or to delete or import newsletter subscribers. The plugin...
Ryuk Rakes in $150M in Ransom Payments
The Ryuk ransomware has earned its operators an estimated $150 million, according to an examination of the malware’s money-laundering operations. Joint research released this week from Brian Carter, principal researcher at HYAS, and Vitali Kremez, CEO at Advanced Intelligence, took a the look und...
Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API
An old attack method dating back to 2017 that uses voice-to-text to bypass CAPTCHA protections turns out to still work on Google’s latest reCAPTCHA v3. That’s according to researcher Nikolai Tschacher, who posted a video proof-of-concept PoC of the attack on Jan. 2. CAPTCHA, introduced in 2014, i...
How to Increase Your Security Posture with Fewer Resources
With the number of COVID-19 cases increasing, another round of attacks is looming over schools and universities as they move into holiday break and prepare for the spring semester. According to a recent article the Wall Street Journal, there have been “nearly three dozen ransomware attacks agains...
New Windows Trojan Steals Browser Credentials, Outlook Files
Researchers have discovered a new information-stealing trojan, which targets Microsoft Windows systems with an onslaught of data-exfiltration capabilities– from collecting browser credentials to targeting Outlook files. The trojan, called PyMicropsia due to it being built with Python has been...
Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers
It’s a big week for gamers across the globe, with imminent, dueling releases of Xbox Series X and PlayStation PS5. However, an army of retail bots threaten to drive prices up as much as three times the retail price, putting the coveted holiday gifts well out of reach of everyday fans. Retailers...
Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals
The boozy names might sound like the kind of thing conjured up in a frat-house common room, but malware families Kegtap, Singlemalt and Winekey are being used to gain initial network access in potentially lethal ransomware attacks on healthcare organizations in the midst of a global pandemic,...
Unpatched Apple T2 Chip Flaw Plagues Macs
A researcher is claiming that Apple devices – with a macOS operating system and a T2 security chip – are open to an exploit that could give bad actors root access. A fix has not been issued by Apple. The flaw stems from the T2 chip, which is the second-generation version of Apple’s chip that...
Gamer Credentials Now a Booming, Juicy Target for Hackers
Credential theft targeting hardcore gamers has hit an all-time high as scams, illicit markets and account takeovers have become a booming business. The driving force behind the uptick in gaming-related crime is a sudden spike in usage of online games, spurred by the coronavirus pandemic and...
APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins
The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. Microsoft researchers have tied APT28 a.k.a. Strontium, Sofacy or Fancy Bear to this newly uncovered pattern of O365 activity, which began in April and is...
How Zero Trust and SASE Can Redefine Network Defenses for Remote Workforces
Zero Trust has been touted for years as the future of network security. But, only recently has it started to gain traction as a practical enterprise security framework. The implementation of digital transformation initiatives has thrust Zero Trust into the spotlight as network applications and...
Augmenting AWS Security Controls
Has the onslaught of lackluster webinars over the past few months left you wanting more? Are you seeking practical, relevant, and usable information and advice on how to stay secure in the cloud? Well, you’re in luck! DivvyCloud, the leading provider of cloud and container security and compliance...
Malicious 'Blur' Photo App Campaign Discovered on Google Play
A new campaign of malicious photo apps on Google Play floods Android devices with random ads instead of functioning as advertised. They also elude detection by making its icon disappear from the device home screen soon after it’s downloaded. Researchers at the White Ops Satori Threat Intelligence...